Mailbox Solutions
Individuals
Getting Started
Solutions
Resources
How we protect your data with encryption, access controls, and secure infrastructure
At C-Band Mailbox, security is built into every layer of our platform. From encrypted communications to strict access controls, we implement industry-standard safeguards to protect your personal information and mail data.
C-Band Mailbox uses JWT-based authentication with access and refresh tokens, role-based access controls (RBAC) for Renters, Operators, and Administrators, and supports two-factor authentication (2FA). Every API request is verified by authorization middleware that checks user identity and permissions before granting access.
All data transmitted between your browser and C-Band Mailbox is protected with TLS 1.2 or higher over HTTPS. This covers login credentials, mail scans, personal information, and all API communications. We enforce HTTP Strict Transport Security (HSTS) to prevent protocol downgrade attacks.
All stored data, including mail scans, personal documents, and account information, is encrypted at rest using the 256-bit Advanced Encryption Standard (AES-256). Encryption keys are managed through AWS Key Management Service (KMS) with automatic rotation.
All payment processing is handled by Stripe, a PCI DSS Level 1 certified payment processor. Your credit card details are transmitted directly to Stripe using their secure tokenization and are never stored on C-Band Mailbox servers.
Our platform is hosted on Amazon Web Services (AWS), which independently maintains SOC 1, SOC 2, and ISO 27001 certifications. Canadian customer data is stored in AWS Canada (ca-central-1) region. AWS provides physical data centre security, network isolation, and infrastructure-level DDoS protection through AWS Shield.
We perform automated daily backups of all system data. Backups are retained for 30 days and stored in geographically separate AWS availability zones. In addition to AWS's built-in data redundancy, our backup strategy ensures data can be restored if you accidentally delete information from your account.
Our infrastructure is protected by AWS Shield for DDoS mitigation and network-level firewalls that isolate our services from unauthorized access. Security groups and network access control lists restrict traffic to only authorized ports and protocols.
We conduct regular security assessments including vulnerability scanning and code reviews. Application and server logs are monitored for suspicious activity and unauthorized access attempts. Our incident response procedures ensure security events are detected, investigated, and resolved promptly.
C-Band Mailbox follows data minimization principles, collecting only the information necessary to provide our services. Access to personal data is restricted to authorized personnel on a need-to-know basis. All employees and contractors are bound by confidentiality obligations and receive data protection training.
If you have any questions about our security practices or infrastructure, please contact us.
